What you do at AMD changes everything 

At AMD, we push the boundaries of what is possible.  We believe in changing the world for the better by driving innovation in high-performance computing, graphics, and visualization technologies – building blocks for gaming, immersive platforms, and the data center. 

Developing great technology takes more than talent: it takes amazing people who understand collaboration, respect, and who will go the “extra mile” to achieve unthinkable results.  It takes people who have the passion and desire to disrupt the status quo, push boundaries, deliver innovation, and change the world.   If you have this type of passion, we invite you to take a look at the opportunities available to come join our team.

The Role:

AMD is seeking a Software development Engineer of security expertise to improve its Product Security Office with penetration testing, security analysts, security minded firmware developers and architects, incident responders, and secure development lifecycle specialists.

This is a very dynamic and fast-paced engineering environment where you will be leading and participating in a wide variety of results-oriented product development projects, security incident responses, penetration testing, and red-teaming of AMD products.

The Person:

As a Software development engineer, you will be part of the design team working with the AMD Product Security Office. Your responsibility is to technically lead or participate in the development of security related firmware, features, TEEs, OEM integrations, and system hardware from inception to production.

AMD is looking for a proven capability to closely work with power eco-system partners, the open-source community, security researchers, and academics to develop, test, validate, threat model, and analyze AMD’s security posture. This includes developing firmware and hardware designs that are resilient to future attacks.

This position requires an outstanding background of security, firmware, debug skills, communication skills, ability to prototype, ability to develop, ability to adapt researcher software for the AMD environment, and to clear articulate both the technical issues and the potential security risks associated with the implementation.

Key Responsibilities:

Owns security feature definitions and specifications

Owns development of threat models

Owns tools that aid AMD developer to securely develop and deploy AMD products

Provides understanding of features to IP architects

Develops and executes proofs of concepts for security weaknesses both existing and envisioned

Supports AMD enablement teams with security expertise, reporting, and aiding customers to mitigate issues

Analyzes AMD designs for vulnerabilities

Develops test approaches for long term security

Works with eco-system partners to help improve the security of the entire compute base from CPU to GPU

Reviews feature related test plans

Lead multi-functional teams in areas not of your expertise to diagnose, mitigate, and validate potential security issues

Lead and/or develop test tools crafted to discover and introspect issues before they are found by researchers

Connect with academics and the security eco-system on potential issues that may impact AMD products

Drive the design and development of security related features for all of AMD products.

Proven ability to develop penetration testing and red-teaming approaches that discover security weaknesses

Solid experience and knowledge of security concepts.

Experience with firmware, APIs, applications, OSes and their interactions within Windows, Linux, gaming, compute, and virtualization environments.

Understand industrial security standards: TCG, DMTF, OCP NIST, FIPS, Common Criteria, etc

Must be self-driven, collaborative, and a strong team player with technical leadership skills to support efficient performance with excellent teamwork, communication and organization skills.

Preferred Experience:

The ideal candidate will have demonstrated experience in overall platform security and/or device security microarchitecture and/or CPU, SOC, or hardware security-oriented definition.

Strong understanding of computer architecture systems and concepts, including CPU architecture, fundaments of the system memory hierarchy and caches, and underlying system hardware and firmware.

Knowledge of existing hardware architecture(s) (prefer x86 and/or ARM) including associated security and/or virtualization extensions.

Familiarity with typical software/hardware interfaces and driver techniques.

Proficient in C/C++ development and understanding of assembly level instructions sets (AMD64 or ARM)

Experience designing and/or implementing secure systems, including concepts such as threat modeling, security architecture, protocol design, network security, and operating system security.

Familiarity and experience in PC Client / Data Center / IoT interconnect standards and associated underlying technologies and protocols like: PCI Express, Compute Express Link (CXL), SPI, I2C / I3C & USB

Eagerness and ability to quickly learn new concepts

Great teammate, ability to work in cross-site and matrix environments

Possess fundamental knowledge of security principles and properties, including confidentiality, integrity, availability, authentication, authorization, and auditing

Knowledge of cryptographic algorithms.

Development experience with micro-kernels and/or real-time OS’es.

Familiarity in operating systems and virtualization technologies, especially around Linux kernel and driver level development, hypervisors/virtual machines, and containers.

Familiarity with SaaS, PaaS, IaaS and container systems like Kubernetes a plus.

Academic Credentials:

MS / Ph.D in Computer Science/engineering, Cyber Security or equivalent.